ѽ҉ᶬḳ℠ <vtol@xxxxxxx> wrote: > Does it work when you change policy to accept? > Yes, it does but it also opens the WAN entirely and thus not > desired. What is the logic that accept policies in the bridge > family are superseded by policies in the inet family? Its the same as with ebtables/iptables, if you accept in ebtables INPUT you can still drop in iptables INPUT. You can keep the policy at drop, sure, but you'll need to add accept rule(s) for the traffic you want to accept. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
